# switchnodedesk.pages.dev — SUSPICIOUS

> switchnodedesk.pages.dev flagged for generic phishing via deceptive login pages. Check the full report.

## Summary
PhishDestroy identifies switchnodedesk.pages.dev as an active generic phishing domain leveraging deceptive authentication pages to harvest credentials. The domain masquerades as a legitimate service, likely targeting users with fake login interfaces to steal sensitive information. No specific brand impersonation or drainer kit signatures were detected during initial analysis, suggesting a broad, opportunistic campaign rather than a targeted operation.


Technical indicators confirm elevated risk: VirusTotal flags 1 out of 95 security vendors, while the domain resolves to IP 172.66.45.26 via Cloudflare, Inc. The SSL certificate, issued by Google Trust Services, provides a false sense of legitimacy. Creation date remains unverified, but the domain’s recent activity aligns with active phishing operations. No presence on Google Safe Browsing (GSB) lists was detected, though blocklist coverage remains minimal at 1/95.


The domain remains active with an elevated risk status. Users are advised to avoid interaction and report the domain to security teams or browser warn lists. Remaining risk stems from the domain’s use of Cloudflare’s infrastructure, which complicates takedown efforts. Immediate action includes blocking IP 172.66.45.26 and domain-wide denylisting in enterprise environments. Partial mitigation is achievable, but full eradication depends on Cloudflare’s response or domain expiration.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.45.26

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b0aded9a-9b6d-40be-b1b2-3fea63d139db
- PhishDestroy: https://phishdestroy.io/domain/switchnodedesk.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/switchnodedesk.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/switchnodedesk.pages.dev/
Last updated: 2026-03-24